What is Quantum Computing? Why Should I Be Concerned?

Written by the CSA Quantum-Safe Security Working Group

What is quantum mechanics?

Quantum mechanics/physics is a long-proven physical science that describes actions and properties of very small particles. Everything in the universe works and depends on quantum mechanics. It’s how the world works. Computers and software are being created that function using quantum particles and properties. Within a few years, if not already, we will have quantum computers capable of doing things non-quantum computers cannot, including breaking many forms of traditional cryptography and creating new, unbreakable forms of cryptography.

How long have quantum computers been around?

The first working quantum computer was created in 1998. Today there are hundreds of fairly crude quantum computers and hundreds of different types of quantum devices. All known quantum computers are still relatively weak and are in the laboratory and experimental stages, but are predicted to become stronger as time goes on. The world’s governments and corporations are spending billions of dollars a year in the pursuit of building quantum supercomputers and networks. Quantum computer vendors include the world’s largest companies, such as Google, IBM, Intel, Microsoft, and Alibaba.

How is quantum computing able to threaten traditional cryptography?

Particular types of quantum computers, armed with a mathematical algorithm known as Shor’s algorithm, can quickly factor math equations that involve large prime numbers. Equations involving large prime numbers are what give most traditional public key cryptography its protective capabilities. Traditional binary-based computers cannot easily factor large prime number equations. Quantum computers with enough “qubits” can factor large prime number equations in a very short amount of time, measured in minutes to days.

When will quantum computers break traditional public key cryptography?

No one knows for sure, although as soon as quantum computers get four thousand or so “stable” or usable qubits, or that computational equivalent, it is believed that traditional public keys 2048-bits long or shorter will be quickly crackable. Most of the world’s existing public cryptography relies on such keys. Quantum computers are capable of weakening the protective power of other types of cryptography as well, such as symmetric key cryptography.

General estimates of time until quantum computers are capable of breaking traditional public crypto range from a few years to over ten years. CSA estimates that on April 14, 2030, a quantum computer will be able to break present-day cybersecurity infrastructure. We’re calling this pending threat Y2Q.

Regardless of the specific date, most experts and the US government say now is the time to start preparing. If the break happens sooner than people are expecting, then we will be better prepared to respond appropriately. Take the first step by learning more about the quantum threat. In this recording from the CSA Research Summit, hear first-hand from one of the CSA Quantum Working Group leaders about this threat and what we as an industry can do to prepare. You can also learn more by downloading and reading our paper, Practical Preparations for the Post-Quantum World.